Retrospective censorship

[Richard Clayton]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <il1K8sDN4C+6EwHD@xemu.demon.co.uk>, Dave Bird
<dave@xemu.demon.co.uk> writes

> The only thing I can suggest it that any article is published
> with a digital signature, perhaps one whose signing (but not
> verifying) side is broken after a year, and a notice:

[snip]

crypto can do many interesting (and sometimes implausible) things, but
interacting in this way with time is not currently known to be possible

You can produce protocols that release secrets after a given period, but
you will need a trusted party (or perhaps some tamper-proof hardware
with a built-in clock) to do this...

There are also crypto systems that are designed to keep secrets for long
(but finite) periods; for example the Ron Rivest, Adi Shamir & David
Wagner system based on squaring numbers (mod n)

this forms the basis of a well-known challenge that runs from now until
(in theory anyway) 2033:

    http://theory.lcs.mit.edu/~rivest/lcs35-puzzle-description.txt

You could consider using this scheme to provide signatures that were
breakable after a year - but of course a well-funded attack will always
run faster than an individual might manage - which may be undesirable.
((An approach using third parties would probably be inferior - because
of the risk of legal attack on small numbers of third parties.))

- -- 
richard                     richard.clayton  @  h i g h w a y m a n . com

"Assembly of Japanese bicycle require great peace of mind" quoted in ZAMM

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBOviAchfnRQV/feRLEQK7eACdFEW8HlVizAnlp86OHRAN0C8ITroAoOi/
U+MvOX30OTjU9zbftTofDqhn
=J6zX
-----END PGP SIGNATURE-----